Описание
Malicious Package in only-test-not-install
All versions of only-test-not-install contain malicious code. The package deletes the folder ~/test from the system as a postinstall script.
Recommendation
Remove the package from your environment. There are no further signs of compromise.
Пакеты
Наименование
only-test-not-install
npm
Затронутые версииВерсия исправления
>= 0.0.0
Отсутствует
9.8 Critical
CVSS3
Дефекты
CWE-506
9.8 Critical
CVSS3
Дефекты
CWE-506